Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Packet Capture

Reply
Thread Tools

Packet Capture

 
 
Captain Blammo
Guest
Posts: n/a
 
      11-04-2004
I was wanting to write a little network monitoring tool that will sit on my
network in promiscuous mode and gather stats from a few application layer
protocols. I'd want to keep tabs on how many connections are set up, as well
as things like how many HTTP requests go back and forth (maybe even what
type of resource is requested).

I'm quite new to the more in-depth aspects of networking, and was wondering
what package anyone would recommend for doing this. I'm currently looking at
Jpcap (http://sourceforge.net/projects/jpcap). If anyone knows of a good
reason to use/not use it, or has any alternate recommendations, they'd be
greatly appreciated. It seems to be more than capable doing what I want, but
I'm not sure if it is, or if there's something better suited to my needs out
there.

Ewan



 
Reply With Quote
 
 
 
 
Gordon Beaton
Guest
Posts: n/a
 
      11-05-2004
On Thu, 04 Nov 2004 18:49:37 GMT, Captain Blammo wrote:
> I was wanting to write a little network monitoring tool that will
> sit on my network in promiscuous mode and gather stats from a few
> application layer protocols. I'd want to keep tabs on how many
> connections are set up, as well as things like how many HTTP
> requests go back and forth (maybe even what type of resource is
> requested).
>
> I'm quite new to the more in-depth aspects of networking, and was
> wondering what package anyone would recommend for doing this. I'm
> currently looking at Jpcap (http://sourceforge.net/projects/jpcap).
> If anyone knows of a good reason to use/not use it, or has any
> alternate recommendations, they'd be greatly appreciated. It seems
> to be more than capable doing what I want, but I'm not sure if it
> is, or if there's something better suited to my needs out there.


Jpcap provides a Java binding to libpcap (package capture library) as
well as a visualisation tool. Similar tools like Ethereal and Tcpdump
(and probably any other packet capture tools you'll find) are all
based on libpcap, and differ mainly in presentation.

If you want to write your tool in Java, then Jpcap is probably the way
to go. Otherwise, Ethereal has a plugin architecture that lets you add
funtionality or support for additional protocols. Finally, using
libpcap directly (from C) isn't all that difficult if you want to
write a specialized tool.

Also realize that in a switched network, you can only see broadcast
traffic and traffic specifically to and from your host. Most likely
you won't be able to collect data for several servers from a single
location unless you can use a mirroring switch or a hub.

That said, it might be easier to collect http statistics from the web
server software itself (although I don't have any concrete suggestions
here). On the other hand, if you're talking about monitoring your own
use of (other) web servers, a web proxy might be a more suitable
solution.

/gordon

--
[ do not email me copies of your followups ]
g o r d o n + n e w s @ b a l d e r 1 3 . s e
 
Reply With Quote
 
 
 
 
Captain Blammo
Guest
Posts: n/a
 
      11-08-2004
> If you want to write your tool in Java, then Jpcap is probably the way
> to go. Otherwise, Ethereal has a plugin architecture that lets you add
> funtionality or support for additional protocols. Finally, using
> libpcap directly (from C) isn't all that difficult if you want to
> write a specialized tool.

<snip>

I do indeed want to write my own tool, as much for learning purposes as
anything else. Thanks for the advice, I guess I'll be using Jpcap.

Ewan


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
import packet.module without importing packet.__init__ ? Gelonida N Python 4 09-11-2011 02:17 PM
convert the ip packet to and from RS-232 packet Li Han Python 2 02-09-2009 02:43 PM
Security: rec'd packet not an ipsec packet ! mediumkuriboh Cisco 0 02-09-2009 12:14 AM
%PIX-4-402106: Rec'd packet not an IPSEC packet. lfnetworking Cisco 3 08-27-2006 05:30 AM
need wlan packet capture Anil Cisco 0 01-12-2005 03:26 PM



Advertisments